• The cost of peeking at U.S. traffic.
    Dec 17 2024
    The Biden administration takes its first step to retaliate against China for the Salt Typhoon cyberattack. The Feds release a draft National Cyber Incident Response Plan. Telecom Namibia suffers a cyberattack. The Australian Information Commissioner has reached a $50 million settlement with Meta over the Cambridge Analytica scandal. CISA releases its 2024 year in review. LastPass hackers nab an additional five million dollars. Texas Tech University notifies over 1.4 million individuals of a ransomware attack. Researchers discover a new DarkGate RAT attack vector using vishing. A fraudster gets 69 months in prison. On our Threat Vector segment, David Moulton speaks with Nir Zuk, Founder and CTO of Palo Alto Networks about predictions for 2025. Surveillance tweaks our brains in unexpected ways. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, we preview this week’s episode where host David Moulton talks with Nir Zuk, Founder and CTO of Palo Alto Networks. They talk about Palo Alto Networks' predictions for 2025, focusing on the shift to unified data security platforms and the growing importance of AI in cybersecurity. You can catch new episodes of Threat Vector every Thursday here and on your favorite podcast app. 
Selected Reading Biden Administration Takes First Step to Retaliate Against China Over Hack (The New York Times) US Unveils New National Cyber Incident Response Plan (Infosecurity Magazine) Telecom Namibia Cyberattack: 400,000 Files Leaked (The Cyber Express) Landmark settlement of $50m from Meta for Australian users impacted by Cambridge Analytica incident (OAIC) CISA Warns of New Windows Vulnerability Used in Hacker Attacks (CyberInsider) CISA 2024 Year in review (CISA) LastPass threat actor steals $5.4M from victims just a week before Xmas (Cointelegraph) Texas Tech University Data Breach Impacts 1.4 Million People (SecurityWeek) Microsoft Teams Vishing Spreads DarkGate RAT (Dark Reading) Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence (SecurityWeek) The psychological implications of Big Brother’s gaze (SCIMEX) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    34 mins
  • Rhode Island cyberattack exposes sensitive data.
    Dec 16 2024
    A cyberattack in Rhode Island targets those who applied for government assistance programs. U.S. Senators propose a three billion dollar budget item to “rip and replace” Chinese telecom equipment. The Clop ransomware gang confirms exploiting vulnerabilities in Cleo’s managed file transfer platforms. A major Southern California healthcare provider suffers a ransomware attack. A leading US auto parts provider discloses a cyberattack on its Canadian business unit. SRP Federal Credit Union notifies over 240,000 individuals of a cyberattack. A sophisticated phishing campaign targets YouTube creators. Researchers identify a high-severity vulnerability in Mullvad VPN. A horrific dark web forum moderator gets 30 years in prison. Our guests are Perry Carpenter and Mason Amadeus, hosts of the new FAIK Files podcast. Jailbreaking your license plate. CyberWire Guest Our guests are Perry Carpenter and Mason Amadeus, hosts of The FAIK Files podcast, talking about their new show. You can find new episodes of The FAIK Files every Friday on the N2K CyberWire network.
Selected Reading Personal Data of Rhode Island Residents Breached in Large Cyberattack (The New York Times) Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches (CyberScoop) Clop ransomware claims responsibility for Cleo data theft attacks (Bleeping Computer) Hackers Steal 17M Patient Records in Attack on 3 Hospitals (BankInfo Security) Major Auto Parts Firm LKQ Hit by Cyberattack (SecurityWeek) SRP Federal Credit Union Ransomware Attack Impacts 240,000 (SecurityWeek) ConnectOnCall Announces 914K-Record Data Breach (HIPAA Journal) Malware Hidden in Fake Business Proposals Hits YouTube Creators (Hackread) Critical Mullvad VPN Vulnerabilities Let Attackers Execute Malicious Code (Cyber Security News) Texan man gets 30 years in prison for running CSAM exchange (The Register) Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets (WIRED)
    38 mins
  • Marcelle Lee: Cyber sleuth detecting emerging threats. [Research] [Career Notes]
    Dec 15 2024
    Please enjoy this encore episode of Career Notes. Senior security researcher from Secureworks Marcelle Lee shares her career journey into cybersecurity and how she helps solve hard problems in her daily work. Marcelle came into cybersecurity not through any traditional path. She describes her route from a different field and starting in cyber at her local community college through a grant program. Marcelle took full advantage of the opportunities she had and grew her career from there. She recommends finding your specialty while continuing to build other skills. As a woman in the field, she is a strong proponent of diversity and encouraging others to find what excites them. And, we thank Marcelle for sharing her story with us.
    8 mins
  • Watching the watchers. IoT vulnerabilities exposed by AI. [Research Saturday]
    Dec 14 2024
    This week, we are joined by Andrew Morris, Founder and CTO of GreyNoise, to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected live streaming cameras, used in sensitive environments like healthcare and industrial operations, by leveraging its AI-powered detection system, Sift. The vulnerabilities, CVE-2024-8956 (insufficient authentication) and CVE-2024-8957 (OS command injection), could allow attackers to take full control of affected devices, manipulate video feeds, or integrate them into botnets for broader attacks. This breakthrough underscores the transformative role of AI in identifying threats that traditional systems might miss, highlighting the urgent need for robust cybersecurity measures in the expanding IoT landscape. The research can be found here: GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI
    21 mins
  • Hackers in handcuffs.
    Dec 13 2024
    The U.S. dismantles the Rydox criminal marketplace. File-sharing provider Cleo urges customers to immediately patch a critical vulnerability. A Japanese media giant reportedly paid nearly $3 million to a Russia-linked ransomware group. The largest Bitcoin ATM operator in the U.S. confirms a data breach. Microsoft quietly patches two potentially critical vulnerabilities. Researchers at Claroty describe a malware tool used by nation-state actors to target critical IoT and OT systems. Dell releases patches for a pair of critical vulnerabilities. A federal court indicts 14 North Korean nationals for a scheme funding North Korea’s weapons programs. Texas accuses a data broker of sharing sensitive driving data without consent. Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. How the bots stole Christmas. CyberWire Guest Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. Read more about it in Tim’s article.
Selected Reading Rydox Cybercrime Marketplace Disrupted, Administrators Arrested (SecurityWeek) Cleo urges customers to ‘immediately’ apply new patch as researchers discover new malware (The Record) Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers (The Record) Bitcoin ATM Giant Byte Federal Hit by Hackers, 58,000 Users Impacted (Hackread) Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog (SecurityWeek) Researchers Discover Malware Used by Nation-Sates to Attack OT Systems (Infosecurity Magazine) Critical Dell Security Vulnerabilities Let Attackers Compromise Affected Systems (Cyber Security News) 14 North Korean IT Workers Charged, US to Offer $5 Million Rewards for Info (Cyber Security News) Texas adds data broker specializing in driver behavior to list of alleged privacy law violators (The Record) UK Shoppers Frustrated as Bots Snap Up Popular Christmas Gifts (Infosecurity Magazine)
    32 mins
  • When AI goes offline.
    Dec 12 2024
    ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophisticated variant of the Snake Keylogger malware. Adobe addresses critical vulnerabilities across their product line. Chinese law enforcement has been using spyware to collect data from Android devices since 2017. A new report highlights the gaps in hardware and firmware security management. A Krispy Kreme cyberattack creates a sticky situation. N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. Do Not Track bids a fond farewell. CyberWire Guest Today, N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. You can learn more in their new white paper "Building Cryptographic Agility in the Financial Sector." We will share the extended version of this conversation over our winter break. Stay tuned.
Selected Reading ChatGPT Down Globally, Services Restored After Hours Of Outage (Cyber Security News) Facebook, Instagram and other Meta apps go down due to 'technical issue' (CNBC) Unfinished business for Trump: Ending the Cyber Command and NSA 'dual hat' (The Record) Apache issues patches for critical Struts 2 RCE bug (The Register) Microsoft MFA Bypassed via AuthQuake Attack (SecurityWeek) Nova Keylogger – A Snake Malware Steal Credentials and Capture Screenshorts From Windows (Cyber Security News) Adobe releases December 2024 patches for flaws in multiple products, including critical (Beyond Machines) Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement (SecurityWeek) Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge (Infosecurity Magazine) Krispy Kreme cyberattack impacts online orders and operations (Bleeping Computer) Firefox, one of the first “Do Not Track” supporters, no longer offers it (Ars Technica)
    33 mins
  • When exploits go wild and patches race the clock.
    Dec 11 2024
    Microsoft confirms a critical Windows zero-day vulnerability. Global law enforcement agencies dismantle 27 DDoS platforms. Researchers compromise memory in AMD virtual machines. Ivanti reports multiple critical vulnerabilities in its Cloud Services Application. Group-IB researchers expose a sophisticated global phishing campaign. A zero-day vulnerability in Cleo’s managed file transfer software is under active exploitation. The U.S. sanctions a Chinese firm for a 2020 firewall exploit. Congress looks to require the FCC to regulate telecom cybersecurity. Our guest is Malachi Walker, Security Strategist at DomainTools, discussing their role in ODNI's newly established Sentinel Horizon Program. SpartanWarriorz dodge a Telegram crackdown. CyberWire Guest Our guest is Malachi Walker, Security Strategist at DomainTools, discussing their role in ODNI's newly established Sentinel Horizon Program.
Selected Reading New Windows 0Day Attack Confirmed—Homeland Security Says Update Now (Forbes) Microsoft Fixes 71 CVEs Including Actively Exploited Zero-Day (Infosecurity Magazine) Atlassian, Splunk Patch High-Severity Vulnerabilities (SecurityWeek) Chrome Security Update, Patch for 3 High-severity Vulnerabilities (Cyber Security News) ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others (SecurityWeek) Operation PowerOFF Takes Down DDoS Boosters (Infosecurity Magazine) AMD Chip VM Memory Protections Broken by BadRAM (Security Boulevard) Three more vulns spotted in Ivanti CSA, all critical, one 10/10 (The Register) Global Ongoing Phishing Campaign Targets Employees Across 12 Industries (Hackread) New Cleo zero-day RCE flaw exploited in data theft attacks (Bleeping Computer) US Sanctions Chinese Firm at Center of Global Firewall Hack (Infosecurity Magazine) Wyden legislation would mandate FCC cybersecurity rules for telecoms (CyberScoop) Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down (Security Boulevard)
    32 mins
  • Buckets of trouble.
    Dec 10 2024
    Researchers uncover a large-scale hacking operation tied to the infamous ShinyHunters. A Dell Power Manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a U.S. ban. Radiant Capital attributed a $50 million cryptocurrency heist to North Korea. Japanese firms report ransomware attacks affecting their U.S. subsidiaries. WhatsApp’s “ViewOnce” feature faces continued scrutiny. SpyLoan malware targets Android users through deceptive loan apps. A major Romanian electricity distributor is investigating an ongoing ransomware attack. A critical flaw in OpenWrt Sysupgrade has been fixed. Contenders for top cyber roles in the next Trump administration visit Mar-a-Lago. On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Google’s new quantum chip promises scaling without failing. CyberWire Guest On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Check out Cobalt’s GigaOm Radar Report for PTaaS 2024 to learn more.
Selected Reading ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket (Hackread) Dell Power Manager Vulnerability Let Attackers Execute Malicious Code (Cyber Security News) TikTok Asks Court To Suspend Ban Ahead of Supreme Court Appeal (The Information) Radiant links $50 million crypto heist to North Korean hackers (Bleeping Computer) US subsidiaries of Japanese water treatment company, green tea maker hit with ransomware (The Record) WhatsApp View Once Vulnerability Let Attackers Bypass The Privacy Feature (Cyber Security News) SpyLoan Malware: A Growing Threat to Android Users (Security Boulevard) Romanian energy supplier Electrica hit by ransomware attack (Bleeping Computer) OpenWrt Sysupgrade flaw let hackers push malicious firmware images (Bleeping Computer) Homeland Security veteran to be interviewed for Trump administration cyber role (The Record) Google claims ‘breakthrough’ with new quantum chip (Silicon Republic)
    37 mins